Over 1 million tech questions and answers.

Can someone analyze this hijackthis scan result for me?

Q: Can someone analyze this hijackthis scan result for me?

My computer is really messed up right now - it's running slow and freezing and I ran this scan but I don't know what any of it means -
Thank you!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:17:17 PM, on 9/19/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17099)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2012\avgfws.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\DSentry.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://education.dellnet.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157" target="_blank" class="wLink">http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank" class="wLink">http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R3 - URLSearchHook: (no name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - (no file)
O1 - Hosts: 216.93.168.167 auto.search.msn.com
O1 - Hosts: 216.93.168.167 auto.search.msn.com
O1 - Hosts: 216.93.168.167 sitefinder.verisign.com
O1 - Hosts: comments (such as these) may be inserted on individual
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {638d9a6a-bc24-4542-ad58-7fff54c87ce1} - C:\WINDOWS\system32\jamuyudu.dll (file missing)
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (file missing)
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [gezitazelu] Rundll32.exe "C:\WINDOWS\system32\ruvoyohu.dll",s
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OUEtTkdZRlktOUo0S1ktMDhaM1ItNEw0TTAtNEVCNFk"&"inst=NzYtOTE1Njc5OTQ4LUJBKzEtS1YzKzctWEwrMS1UNC1YTzM2KzEtVEI5KzItTjFEKzEtUEwrOS1RSVgxKzMtU1AxKzEtVFVHKzMtU1AxUzIrMS1TVUQrMS1TMUkrMS1TVTMrMS1ERFQrMzI4MDItREQxMCsxLVNUMTBBUFArMS1MU0QrMi1TMTBEREYrMQ"&"prod=92"&"ver=10.0.1410
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1164055650281
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\wopahunu.dll,C:\WINDOWS\system32\rofogeri.dll,C:\WINDOWS\system32\joyalupo.dll,C:\WINDOWS\system32\jehepeyu.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O24 - Desktop Component 0: (no name) - http://e13.email.excite.com/viewer.php/?m=0&mid=798&p=2.2&ArdSI=81a202d8811e4407eed52286eea414aa

--
End of file - 10294 bytes

RELEVANCY SCORE 200
Preferred Solution: Can someone analyze this hijackthis scan result for me?

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: Can someone analyze this hijackthis scan result for me?

According to your HiJackThis log, your computer is infected.

I'm not authorized to assist you in this section without the approval of a Moderator or gold shield member, so you need to wait until one replies.

You also need to read here.

-------------------------------------------------------

Read other 2 answers
RELEVANCY SCORE 72.4

Hi anyone Suddenly yesterday my PC started behaving weird....my browsers (both Iexplorer and Mozilla) wouldnt open the pages I requested and the whole system seemed to slow down....Since then I`ve been scanning my PC with Avast antivirus,Ad-Aware,SpyBot and SuperAntiSpyware...and found a couple of viruses...wich I have now deleted(so I dont remember the names anymore:( I did also run the HiJackThis...but Im having trouble analyzing the log file..even tough I have my suspicions to a few entries...I`d like to hear from some of you experts here if you could be so kindly as to help me with this?Here`s the last log file:Logfile of HijackThis v1.99.1Scan saved at 21:03:16, on 19.03.2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16414)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\system32\nvsvc32.exeC:\Program Files\Alwil Software\Avast4\ashWebSv.exeC:\WINDOWS\Explorer.EXEC:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeC:\Program Files&#... Read more

A:Need Help To Analyze Hijackthis Scan

Hello Baz70, I am SifuMike and I will be helping you. Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update. Updating Java: Download the latest version of Java Runtime Environment (JRE) 6. Scroll down to where it says "Java Runtime Environment (JRE) 6". Click the "Download" button to the right. Check the box that says: "Accept License Agreement". The page will refresh. Click on the link to download Windows Offline Installation, Multi-language jre-6-windows-i586.exe and save to your desktop. Close any programs you may have running - especially your web browser. Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java. Check any item with Java Runtime Environment (JRE or J2SE) in the name. Click the Remove or Change/Remove button. Repeat as many times as necessary to remove each Java versions. Reboot your computer once all Java components are removed. Then from your desktop double-click on jre-6-windows-i586.exe to install the newest version.****************** Disable your antivirus program and go here http://www.bitdefender.com/scan8/ie.html and run an online scan with BitDefender (you will need to use Internet Explorer for this scan). When the ActiveX Control has loaded, click on "Click here to scan". This scan may take a few hours. It all depends on ... Read more

Read other 2 answers
RELEVANCY SCORE 71.6

Hello It's me VIncentI'm from Indonesia and it seems that I have problems with my computersometimes it's running slow and stop workingi have scan with my hijackthis and hopefully you can help me solving this problemsThanks Guys!!Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:49:14 PM, on 6/19/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Avira\AntiVir Desktop\sched.exeC:\Program Files\Avira\AntiVir Desktop\avguard.exeC:\Program Files\AVI\avid.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Analog Devices\SoundMAX\SMAgent.exeC:\Program Files\Spyware Terminator\sp_rsser.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\AVI\avid.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\wscntfy.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Intel\NCS\PROSet\PRONoMgr.exeC:\Program Files\Anal... Read more

A:Please Analyze My Hijackthis Scan, I'm from Indonesia

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 17 answers
RELEVANCY SCORE 71.6

as was suggested to another user in this Forum. I am a total newbie here, so please excuse my ignorance. I got the following report from the results...can someone help me decipher this please? :
ComboFix 08-06-11.7 - Ellen Weintraub 2008-06-13 13:05:16.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.251 [GMT -4:00]
Running from: C:\Documents and Settings\Ellen Weintraub\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\ErrorProtector Free
C:\Documents and Settings\All Users\Application Data\ErrorProtector Free\Data\Abbr
C:\Documents and Settings\All Users\Application Data\ErrorProtector Free\Data\ActivationCode
C:\Documents and Settings\All Users\Application Data\ErrorProtector Free\Data\HOURS
C:\Documents and Settings\All Users\Application Data\ErrorProtector Free\Data\ProductCode
C:\Documents and Settings\Ellen Weintraub\Application Data\ErrorProtector Free
C:\Documents and Settings\Ellen Weintraub\Application Data\ErrorProtector Free\Logs\update.log
C:\Documents and Settings\Ellen Weintraub\ResErrors.log
C:\Program Files\errorprotector free
C:\Program Files\errorprotector free\Activate.dat
C:\Program Files\errorprotector free\bnlink.dat
C:\Program Files\errorprotector free\DataBase.sav ... Read more

A:please can somebody help me analyze the results of my Hijackthis scan

;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-06-13 19:16:39
PROTECTIONS: 1
MALWARE: 33
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
CA Anti-Virus 9.0.0.170 Yes No
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00065327 adware/coolsavings Adware No 0 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{549f95... Read more

Read other 1 answers
RELEVANCY SCORE 62.4

Thanks,

Following is the KRC HijackThisAnalyzer results

LeicaM13

====================================================================
Log was analyzed using KRC HijackThis Analyzer - Updated on 1/23/05
Get updates at http://www.greyknight17.com/download.htm#programs

***Security Programs Detected***

C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINJECT.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec Core LC] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe start
O4 - HKLM\..\Run: [NPROTECT] c:\Program Files\Norton SystemWorks\Norton Utilities\nprotect.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMON.EXE
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM... Read more

A:Please analyze this result.txt

Duplicate thread at:

http://www.techsupportforum.com/showthread.php?t=36402

Thread closed.

Read other 1 answers
RELEVANCY SCORE 61.2

The Intel Driver & Support Assistant said that it had an update: Intel® Graphics Driver for Windows* [15.40]. When I did a scan with the Lenovo Companion app, it said there were no updates available. Why the difference of opinion betwee the two apps?

Read other answers
RELEVANCY SCORE 61.2

Logfile of HijackThis v1.97.7
Scan saved at 23:34:06, on 04/10/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\PROGRA~1\NORTON~2\navapw32.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-gb\msnappau.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\LimeWire\LimeWire 4.0.8\LimeWire.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Eric\Local Settings\Temporary Internet Files\Content.IE5\012LMNO7\HijackThis[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.123mania.com/0809/ie.asp
R3 - URLSearchHook: SrchHook Class - {15651C7C-E812-44a2-A9AC-B467A2233E7D} - C:\WINDOWS\System32\G... Read more

A:removing 123 mania please analyze my result

Hi ericdino

Welcome to TSG!

A new version of Hijack This has been released so get rid of the old one and Click here to download the new one, come back here and post the log from it.
 

Read other 1 answers
RELEVANCY SCORE 54.8

Hey guys,
I posted this originally on May 2nd and have never gotten a response. If I don't have anything to be concerned about, please, just let me know. I have always gotten very good assistance with my troubles and questions before. Maybe I just posted my question in the wrong place.

Question about scan
I am not really having a problem but I am curious about the results of a scan by AVG Free. When my scan is complete, I get the results shown in Attach. #1. I click on "remove all unhealed infections and I get the results shown in Attach. #2. Also enclosed is the results from my HiJackThis scan. Thanks for the help.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:18:31 PM, on 5/2/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\arservice.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\A... Read more

Read other answers
RELEVANCY SCORE 54.8

Hi,

Can anyone tell me if this file is harmful, it was picked up while scanning with AVG software, status read at the top of the it said it had been changed, this is the file:

C:WINDOWS\SYSTEM32\ntoskrnl.exe

Is this whats called a kernal, this is not in my virus vault but keeps coming up on the scan each time.

Thanks
 

A:AVG scan result

See post #4 in this thread: http://forums.techguy.org/security/554221-solved-avg-finds-ntoskrnl-exe.html
 

Read other 2 answers
RELEVANCY SCORE 54.8

When I run a virus scan using AVG I get the message C:\windows\system32\drivers\etc\hosts change result: changed. I have attached Kappersky and DSS scan results. Do I have something to worry about? besides AVG I have SpyBot which I update and run every couple of days. Thanks in advance for your help.

A:Avg Scan Result

Hello StalagmiteWelcome to the Bleeping Computer Malware Removal Forum, sorry about the delay, but the amount of people posting with infected computers is through the roof and sometimes we can't get to logs as fast as we would like to. If you have not resolved your issue and still need assistance, download and install Hijackthis by Trendmicro and post a log, copy and paste it into the thread by using the Add Reply button, please do not attach it. I am looking at a possible trojan on your system.Download Trendmicros Hijackthis to your desktop.Double click it to installFollow the prompts and by default it will install in C:\Program Files\Trendmicro\Hijackthis\Highjackthis.exeOpen HJT Scan and Save a Log File, it will open in Notepad Go to Format and make sure Wordwrap is UncheckedGo to Edit> Select All.....Edit > Copy and Paste the new log into this thread by using the Post Reply and not start a New Thread.DO NOT have HijackThis fix anything yet. Most of what it finds will be harmless or even required.

Read other 2 answers
RELEVANCY SCORE 54.4

Hello everyone, I have no clue how to distinguish virus from essential files???

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:26:54 AM, on 22/11/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\NEGIN\Desktop\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&m=aspire_5742z&r=27361110x915l04g4z155v47j2134s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&m=aspire_5742z&r=27361110x915l04g4z155v47j2134s
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&m=aspire_5742z&r=27361110x915l04g4z155v47j2134s
R1 - HKLM\Software\Microsoft&... Read more

A:Need help with "hijack this" scan result PLEASE!!!

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below I will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the ... Read more

Read other 2 answers
RELEVANCY SCORE 54.4

I have been having some problems as of late with my internet connection... various sites not being found, timeouts, cannot find server etc....

I call me EARTHLINK TECH support... and they suggested I make some cahnges in my dial-up networking, etc... and suggested I do a HIJACK-THIS scan.

I did the scan... and here are the results. I was wondering if anyone would look at the results and maybe make some reccomendations.....

Thank you.

DAVID
Logfile of HijackThis v1.97.7
Scan saved at 2:14:06 AM, on 1/18/2004
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\MS HARDWARE\POINT32.EXE
C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER\DPPS2.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\MINDBEAT\INVISIBLE! 2001\INVISIBLE.EXE
C:\WINDOWS\SYSTEM\MSWHEEL.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\OPERA7\OPERA.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\UNZIPPED\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = DAVIDS' INTERNET BROWSER
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Ma... Read more

A:Can someone help me with this HIJACK THIS scan result.

Read other 7 answers
RELEVANCY SCORE 54.4

Anyone know what this result means?

My windows processes are running really slow and was wondering if this is causing the problem.
 

A:AVG Virus Scan Result Help

Hi and welcome to TSG.
It should only concern you if it says it was infected.
Quote from Avg help forum.
"It is normal that AVG shows that files, the MBR or Boot record to have changed.
These are done during normal maintainance, when you or windows updates files or have had to correct errors on the drive.
The only time that you should worry is if they also show as infected."

Check link below for suggestions on Pc Maintenance.
http://computercleanup.blogspot.com/
List includes..
Scan For Viruses.
Scan for Spyware.
Microsoft updates.
-----------------------------------
Disk Cleanup.
Check Hard Drive for Errors.
Defragment Your Hard Drive.
-------------------------------------
Registry Cleanup is in their list but
Cleaning the registry may cause you more problem than you started with..
so it would be best to skip that one.
 

Read other 2 answers
RELEVANCY SCORE 54.4

Any Malaware experts out there to take a look at these results and let me know what to do next ????

Refers to my earlier thread this morning about desktop startup errors.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:52:35, on 11/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Norton GoBack\GBPoll.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\TOSHIBA\TOSHIBA RAID\Service\kraidsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\NORTON~4\NORTON~1\NPROTECT.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\NORTON~4\... Read more

A:DLL Error HJT Scan result

This is a duplicate post.
Original thread and HJT log are here
AND has been moved to the MalWare forum,
 

Read other 1 answers
RELEVANCY SCORE 54.4

I found following items with earthlink protection virus scanner.
Winmovieplugin homepage hijacker, dialer
Coolwebsearch bho, adware
Pornmagpass adware, homepage hijacker, Trojan M
Elitemediapopup adware, driveby download
Transponder.bloger adware bho
Searchsquire adware, searchpage hijacker
spywareQuake thiefware
SafetyBar adware,Bho

I deleted the items but I cannot update avg spyscanner, but can still scan with it. Should I take any other steps to ensure that my system has really gotten rid of these things. Thanks in advance.

A:I got following in one virus scan result

G'Day hes4l,


Quote:




Should I take any other steps to ensure that my system has really gotten rid of these things.




Yes indeed there are!

Go to the link "The 5 Steps", in my signature; read the instructions carefully; then, post a HJT Log in the HJT Forum, where one of the trained analysts will help you 'clean' your machine.

Now once you have posted your HJT log, there are two things you need to do....

Firstly, subscribed to your posting, so that you can receive instant email notification about any replies.

The other thing is; please be patient with receiving your first reply, as the HJT analysts are usually very busy.
So, I recommend if after say, 48 hours, you have not received any response to your request, go back into your thread, and type in "bump"; this will bring your post back to the front page, and to the attention of an available analyst.

Good luck with it!

If you have any other queries/concerns, feel free to post back.

Read other 1 answers
RELEVANCY SCORE 54.4

I have Windows XP and an AdAware scan hit on this as malware[Windows Reg Data Malware HKEY -Classes-Root:regfi Possi]. Can anyone tell me what this is? AdAware can seem to do anything with it and SpyBot doesn't recognize it . Please help.
 

A:AdAware scan Result

This could possibly be a sign of a possible browser hijack attempt. If ad-aware has found it, remove it. Download, update and run spybot, post your log and I'm sure someone will be along to help you with any problem soon. Nothing to worry about though, I have had lots of possible hijack attempts.
Wizzkid
 

Read other 3 answers
RELEVANCY SCORE 54.4

Hi guys,

I just finished running a scan with spybot search & destroy and it came back with the following result (attached a pic). The problem is that I have heard the name before coolwwwsearch which is what was picked up and I thought it must be bad but just to be sure I checked the particular files in my registry. The files all belong to a program I just recently installed called Zero popup pro which as you can guess from the name is a popup blocker. I'm not sure what to do now and was hoping someone can advise whether to ignore what spybot has found or could that popup blocker program be some type of spyware?
 

A:Spybot scan result

Read other 9 answers
RELEVANCY SCORE 54.4

Thought I may have got an infection (sonar.heuristic.130).  So I ran numerous scans.  
Norton Internet Security A/V, Norton Power Eraser, MS Safety Scanner, ESET Online Scanner, Super-Antispyware, Malwarebytes, ADW, TDS Killer, and R Kill.
All my scans ok, less the ADW find.  Wasn't sure to delete the registry key, so I didn't.  I took a screen shot of LAN settings but couldn't figure how to attach, if I was supposed to.
 
The result of ADW scan:
# AdwCleaner v4.110 - Logfile created 16/02/2015 at 01:37:05
# Updated 05/02/2015 by Xplode
# Database : 2015-02-14.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Fred - ATHEIST
# Running from : C:\Users\Fred\Downloads\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - localhost:8080
 
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17631
*************************
AdwCleaner[R0].txt - [679 bytes] - [16/02/2015 01:37:05]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [737 bytes] ##########
 
Screen I tried to attach
Internet Options/Connections/LAN Settings
   Automatic configuration heading........only Automatically detect settings is checked
   Proxy server heading..........................box is un... Read more

Read other answers
RELEVANCY SCORE 54.4

Hiya All

Happy Easter.

I ran Malwarebytes yesterday as PC not right.Results of 15 objects found.Can someone please explain them or advise further?

Malwarebytes' Anti-Malware 1.36
Database version: 1966
Windows 5.1.2600 Service Pack 3

11/04/2009 20:23:50
mbam-log-2009-04-11 (20-23-50).txt

Scan type: Full Scan (C:\|F:\|)
Objects scanned: 130528
Time elapsed: 1 hour(s), 17 minute(s), 42 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 11
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTW... Read more

A:Malwarebytes scan result

Hello

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please start a new thread in our Virus/Trojan/Spyware forum along with the required logs

Read other 1 answers
RELEVANCY SCORE 54.4

Windows RegData Malware HKEY_Classes_Root:refi Possi This is what I get as malware. What is it. Adaware won't remove it and Spybot doesn't recognize it as a problem. Please help.
 

A:Adaware scan result

bump
 

Read other 1 answers
RELEVANCY SCORE 54

Hi,

I've got a message prompted whenever I startup my laptop:

"Unable to open Skip Five Five.iyb74c file"

I've got instructions to do the 5 steps process and have not been able to fulfill Step 2. Whenever I try to install the files for the PAndanScan, a message will prompt as below:

---------------------------
Microsoft Visual C++ Runtime Library
---------------------------
Runtime Error!

Program: C:\Windows\system32\DllHost.exe

abnormal program termination

---------------------------
OK
---------------------------



Instead, I have run a HijackThis Scan and below is the report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:02:55 PM, on 25/7/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wm... Read more

A:Please help to analyze data from scan

BUMP, please

Read other 1 answers
RELEVANCY SCORE 54

Logfile of HijackThis v1.97.7
Scan saved at 8:45:12 AM, on 11/1/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\System32\SK9910DM.EXE
C:\WINNT\GWMDMMSG.exe
C:\WINNT\System32\hkcmd.exe
C:\Program Files\Gateway Utilities\GWInkMonitor.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Common Files\CMEII\CMESys.exe
C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe
C:\WINNT\System32\gfrper.exe
C:\temp\msbb.exe
C:\WINNT\QuickBrowser.exe
C:\Program Files\Lycos\IEagent\Loader.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINNT\System32\systime.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\svcmm32.exe
C:\Program Files\Lexmark X6100 Series\lxbfbmon.exe
C:\Program Files\Bcpc\bcpc.exe
C:\WINNT\System32\wyuark.exe
C:\WINNT\System32\keyword.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\Common Files\WinTools\WToolsA.exe
C:\WINNT\TEMP\tb_setup.exe
C:\WINNT\iedll.exe
C:\WINNT\System32\msmc.exe
... Read more

A:please analyze hijack this scan-thanks

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

You have an outdated version of HijackThis. Click here to get the latest version of HijackThis.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that Display the contents of System Folders' is checked. Windows XP's search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that Search system folders, Search hidden files and folders, and Search subfolders are checked.

Turn off system restore by right clicking on My Computer and go to Properties->System Restore and check the box for Turn off System Restore. Click Apply and then OK. Restart your computer. After we are finished with your log file and verified that it's clean, you may turn it back on and create a new restore point.

Please download Ad-aware SE and install it if you don't have it already. Make sure it's the newest version and check for any updates before running it. Go to this site to get the plug-in for fixing VX2 variants. To run this tool, go into Ad-aware->Add-ons a... Read more

Read other 3 answers
RELEVANCY SCORE 53.6

I have the following output from a ComboFix scan and need help with interpreting the results. I recently purchased this machine used and do not know much history on it. Thanks for any help.((((((((((((((((((((((((((((( [email protected]_06.29.10 ))))))))))))))))))))))))))))))))))))))))).+ 2009-05-23 06:30 . 2009-05-23 06:30 16384 c:\windows\Temp\Perflib_Perfdata_3a4.dat.((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-19 204288][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-17 1947928]c:\documents and settings\Administrator\Start Menu\Programs\Startup\mod_sm.lnk - c:\hp\bin\cloaker.exe [1999-11-7 27136]c:\documents and settings\Owner\Start Menu\Programs\Startup\spamsubtract.lnk - c:\program files\interMute\SpamSubtract\SpamSubtract.exe [2003-7-26 552960]c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk - c: ... Read more

A:ComboFix Scan Result Interpretation

ComboFix logs should not be posted outside the HijackThis forums, and then ONLY WHEN REQUESTED. It is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert." It is NOT for private use. Please read Combofix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.Running ComboFix by yourself is like performing open heart surgery on yourself--the scalpel and other surgical tools that is ComboFix is meant to be wielded by a highly trained surgeon only in emergencies or dire circumstances. When the surgeon is thru s/he leaves the room. So combofix should be removed from a system once it has accomplished its job, unlike an AV that is there to protect you from future infections.. . . CF does make some alterations to your system if you run it. Even if you had no malware removed and run the uninstall command, some things may be different now on your system. I can tell you that one thing is that all your restore points will be flushed out and a new one created. There is a good reason to do that when you have a severe infection--but if you aren't infected you might need those restore points.Read and abide by the disclaimer people. It's there for a reason. Stick to running and protecting yourself with a good AV and firewall and ... Read more

Read other 1 answers
RELEVANCY SCORE 53.6

I recently loaded my os vis recovery disc I downloaded Avast free version. All seems ok until I looked at the scan log for this scan and it has 15 files that could not be scanned explaining it witht he message after each one Error: Archive is password Protect... Nothing should be password protected on the machine yet asd I haven set any.
The path indicated is the same except for the ending;
C: User\user2\...|>download.js
downloader.dll
downloaderror.js
downloadfailure.js
downloadmanager.js
downloadslate.js
manifest.json
launcher.dll
launcher.js
manifest.json
process.js
serialize.js
textfilereader.js
textfilewriter.js

IS the usual procedure of hijackthis, necessary here or can someone explain this?

Thanks
 

A:Solved: Avast scan result is odd

Read other 8 answers
RELEVANCY SCORE 53.6

I have an HP Precision Scan LTX and it was working just fine the last time I used it. Today it will not work properly and no matter what I scan I just get an all black page with no picture or text.

Any suggestions? Thanks.
 

A:Scanner will not scan - result is all blacked out

Is the scanner lamp operating?
 

Read other 2 answers
RELEVANCY SCORE 53.6

I have just run a Malwarebytes (free version) scan, and get one potential problem as per the image below.

It refers to a tool I downloaded & used to display the Windows key for my Win 8.1 installation

Is this tool a potential security threat?

A:Malwarebytes scan & result ... what action to take?

If it is this one:
ProduKey - Recover lost product key (CD-Key) of Windows/MS-Office/SQL Server

don't worry. Nirsoft produces some of the best small Windows utilities around. The developer has an excellent reputation. I have used many of them for years without issues.

Read other 3 answers
RELEVANCY SCORE 53.6

Installed Emsi AM & did a quick scan.
It found few threats & to me it all seems FPs.
Like it mention disabletaskmanager but taskmanager opens fine. Disablecmd but cmd opens fine too. Disable registry tools but regedit opens fine too.
What I could make out of the detection have mentioned.
Attached is the screenshot

HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR detected: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR detected: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-19\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR detected: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-20\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR detected: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-21-191019590-2606562261-3006609305-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR detected: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR detected: Setting.DisableTaskMgr (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLECMD detected: Setting.DisableCMD (A)
Value: HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLECMD detected: Setting.Di... Read more

A:Emsisoft Antimalware Scan Result

Search Emsi support forum. Fabian Wosar discusses this in some threads. If I recall correctly he stated that there are cases where legitimate\safe security or other softs will create the above keys.

Since you have been installing various security softs maybe they are just left over - and are very unlikely an indication of any kind of serious infection...
 

Read other 11 answers
RELEVANCY SCORE 53.6

Here's the result after I scanned the computer. I hope this would help to solve my problem. I also want to thank you all for helping me.

DDS (Version 1.0) - NTFSx86
Run by Aaron Tran at 22:08:32.39 on Mon 11/24/2008
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.2038.1501 [GMT -5:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Rainbow Technologies\SPN Combo Installer\1.0.5\Server\WinNT\spnsrvnt.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Viewpoint\... Read more

A:Rootkit, Gmer and DDS scan result

I Have A Message Saying" Error In:c\windows\system32\caewqgeycilvoe.dll
Missing Entry:dllstart:".
I Currently Run On Xp Home Edition. After I logged in, everything on the desktop disappeared. The only left to see is the screen saver. Results shown above after the Gmer and DDS scan. Please advise of what to do and how to fix this. Thank you!

Read other 3 answers
RELEVANCY SCORE 53.6

Every time I run a Malwarebytes scan I get the same result, as per the attached screenshot.

Can anyone advise me (1) if there is a problem, and (2) how to get rid of the offending result permanently?
(I have blanked the XXXXXX part of the result - it is just my PC user name)

A:MalwareBytes: Same result every time I run the scan

See this::
Remove PUP.Optional.DownloadSponsor.A (Removal Guide)

Read other 4 answers
RELEVANCY SCORE 53.6

Hi there!

I just recently got my system put back together and I have been slowly running a few online scans to make sure everything was clean while I was downloading security updates over this last weekend.

I ran one recommended to me called BitDefender last night, and it came up absolutely clean. I also ran another earlier called ewido, which also came up clean, other than a few tracking cookies which were no problem getting rid of.

I just ran Panda's free online scan and it brought up something...

C:/Windows/system32/Tools/Restart.exe It says that files is "Potentionally Unwanted Tool"

I did a search on these forums and found somebody else had this file come up in a Panda scan, so I followed one of the instructions listed, and uploaded it to a site to run several scans. Here are those results:
------------------
http://virusscan.jotti.org/
File: Restart.exe
Status: POSSIBLY INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database) (Note: this file was only classified as malware by scanners known to generate more false positives than the average scanner. Do not consider these results definately accurate. Also, because of this, results of this scan will not be recorded in the database.)
MD5 eb1b125ee5d2022cbf5e2f7226f47638
Packers detected: -
Scanner results
AntiVir Found SecurityPrivacyRisk/Destart.A riskware
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found... Read more

A:Panda Scan Result.. Restart.exe

Read other 9 answers
RELEVANCY SCORE 53.6

can someone review a highjack this txt and provide info on system???
there are a number of 023 dll's & exe listed unknown owners..

I trying to establish if the laptop cureenetly has / or has been infected with any spyware enabling backdoor hack / keyloggers.

A:Please review highjack this scan result

Download Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.=============================================================================Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory sizeClick Go and post the result.=============================================================================Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select Perform quick scan, then click Scan. * When the scan is complete, click OK, then Show Results to view the results. * Be sure that everything is checked, and click Remove Selected. * When completed, a log will open in Notepad. * Post the log back here.Be sure to restart the computer.The log can also be foun... Read more

Read other 1 answers
RELEVANCY SCORE 53.6

I just ran a full system scan with Avast 5.0. I got the result "Threat Detected". Avast found the following:

NPSExec.exe.

The file was moved to the Avast Virus Chest (quarantine) with the following information:

Threat: Win32: Malware-Gen Location: C:\Windows

I ran a general web search and also searched several Virus Libraries with no results found. Since it's in quarantine I can restore it if needed. Has anyone heard of this file or infection?

Thanks for your help and input.
 

Read other answers
RELEVANCY SCORE 53.6

Is this Ok now?

Logfile of HijackThis v1.99.1
Scan saved at 6:56:47 PM, on 1/2/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\BenQ\QMusic2\QMAgent.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WinTV\Ir.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\LxrJD31s.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
C:\Pro... Read more

A:Hijack log and Ewido scan result

Hi and welcome.

You need to reply back to this thread instead of creating a new one. I'd merge, but the site appears to be having problems right now.

http://forums.techguy.org/security/430387-hijackthis-log-help.html
 

Read other 1 answers
RELEVANCY SCORE 53.6

I seem to have rootkits. Can anyone tell me what these results mean?
Are all rootkits bad, or would it harm my pc to get rid of them all?
 

Read other answers
RELEVANCY SCORE 53.6

I have a feeling I am being hacked but can not identify what might be going on. I have had a couple spoof certificates that I have not accepted. Can you review my HijackThis scan below please. Thanks for your help. Gary
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:48:01 PM, on 11/18/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NETGEAR\NETGEAR ProSafe VPN Client\IreIKE.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\NETGEAR\NETGEAR ProSafe VPN Client\IPSecMon.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\system32\spool\drivers\w32x8... Read more

Read other answers
RELEVANCY SCORE 53.2

I the log seems to only provide the following code (no explanation I can find) for a warning associated with the Quadro M1000M videl memory test. How/where do I determine the significance/explanation of the result code to determine if the problem is sufficient to contact warranty support? Quadro M1000MResult Code: WVC007000-UM7V1E  Mark   


























Log.PNG ?69 KB

Read other answers
RELEVANCY SCORE 52.8

i attempted logging into a game account of mine and got the message that my login info was incorrect. (i log into this account daily and am 100% on my login info). i saw an announcement from the game company on the login screen warning people not to use the same password on webistes and to run virus checks and such because there have been keyloggers stealing guild wars accounts for money recently. my question is not how to get the account back, but how to get rid of these things and MAKE SURE THEY DON'T COME BACK. thanks a lot - peace everyonea-squared Free - Version 4.5Last update: 12/23/2009 9:20:07 PMScan settings:Scan type: Deep ScanObjects: Memory, Traces, Cookies, C:\Scan archives: OnHeuristics: OffADS Scan: OnScan start: 12/27/2009 4:01:45 PM[3816] C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSOEMON.EXE detected: Riskware.AdWare.Mywebsearch!IKC:\Program Files (x86)\MyWebSearch\bar\2.bin\mwsoestb.dll detected: Adware.Win32.MyWebSearch!A2c:\program files (x86)\funwebproducts detected: Trace.Directory.FunWebProducts!A2c:\program files (x86)\funwebproducts\screensaver detected: Trace.Directory.MyWebSearch Toolbar!A2c:\program files (x86)\funwebproducts\screensaver\images detected: Trace.Directory.MyWebSearch Toolbar!A2c:\program files (x86)\mywebsearch\bar detected: Trace.Directory.MyWebSearch Toolbar!A2c:\program files... Read more

A:help: analyze a scan report (identify keyloggers)

Let's get another opinion.Next run MBAM (MalwareBytes):NOTE: Before saving MBAM please rename it to zztoy.exe....now save it to your desktop.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at th... Read more

Read other 5 answers
RELEVANCY SCORE 52.4

trend micro was the only product to score 100% in scan section conducted by avtest with win 7
http://www.av-test.org/en/news/news...ty-packages-at-the-end-of-mainstream-support/
 

A:Trend Micro scan result Scores 100% in AVTest

Myself alongside others take that result with a grain of salt so to say
 

Read other 1 answers
RELEVANCY SCORE 52.4

During a hardware scan, the USB test Failed. I got a result code: WMB01A008-WL7A8I.Why did my computer fail the USB test? and how can I fix this probem??

Read other answers
RELEVANCY SCORE 52.4

Can you tell me what this is for please?  I need to assess the potential cost of repair/replacement of pieces/parts vs new computer.  Thanks a bunch!

Read other answers
RELEVANCY SCORE 52.4

i need help.my pc keeps crashing and im trying to figure out why.im running windows 10 updated from windows 8 latelyi im currently defragging my harddisc and updating driversthe problem is that after half an hour or two my pc freezes and the only way to restart is to hold down the power button or pull out  the battery. afteer restart i have another half an hour or something.  

A:Lenovo z50 result code from error scan of storage ...

I'm having the exact same issue but my Code is: WHD01V011-DL7C8J What does this mean?  Does it mean my HDD is knackered?  I run a Lenovo Diagnostics Test and it passed all barring a few - Smart Drive etc failed. I'm concerned my laptops faulty and wondering if it's quick, easy and CHEAP to repair. ThanksAsh.

Read other 1 answers
RELEVANCY SCORE 52.4

Please help me with the  below result code of Hardware Scan Result Code: WHD01V002-UL7AGH 300-15ISK LAPTOP (IDEAPAD)

Read other answers
RELEVANCY SCORE 52.4

Hi again,,,just getting ready to install vista,, hopefully tomorrow,,,read loads just need a little advice on the last things before i go for it,,, Ran a vista scan to check software as i guessed i should be ok on the hardware and i am,,,,ran the scan from here,,,, http://www.microsoft.com/windowsvist...r/default.mspx ,,,, and heres the result of it as i need some advice on what some of these things are and where's the best place to get them from please
1,,,System Devices,,,,,,, AMD Special Tools Driver,,,,,,,,, Advanced Micro Devices,,,,,
2,,, System Devices,,,,,,,Silicon Image's Pseudo Processor Device,,,,, Silicon Image,,,
3,,,Network Adapters,,,,,, NVIDIA nForce Networking Controller,,,,,, Nvidia,,,,
4,,,Universal Serial Bus Controllers,,Maxtor OneTouch II ,,,,,,,,Maxtor,,,,
5,, Other Devices,,,,,,,,, Patin Couffin engine,,,,,,,,, VSO Software,,,,,
6,SCSI and RAID Controllers,, Silicon Image SiI 3114 SoftRaid 5 Controller,, Silicon Image
They come under 3 sections ,,,,,Category,,,,Model,,,,,,and,,Manufacturer,,,
I know it sounds really lazy not going to look for them and read about them but i have started and i am not quite sure about everything and a lot of you here know a lot more than me and would like to go for installing tomorrow but i would be greatful if you all could give a little bit of information please
 

A:Solved: vista scan result and information needed please

Read other 9 answers
RELEVANCY SCORE 52.4

I scanned my laptop with gmer, and I was suprised because it showed lots of malware / rootkit. Are these result reliable ?
 
 

A:Shocking "Rootkit" result from results from GMER scan

Hello,
Actually that log looks clean. What do you think is an indication of malware in this log? It just looks like you have Comodo or something similar installed which explains what you see in the log.

Read other 5 answers
RELEVANCY SCORE 52.4

I suspect my computer is infected with trojan or something like it. I would appreciate it if someone took the time to analyze my Combo Fix log and see if they can spot a problem. I will be very active and open to suggestions.
 
Combo Fix log
 
ComboFix 13-09-02.02 - DVD 3/2013 Tue  19:40:25.1.4 - x86
Microsoft Windows XP Professional  5.1.2600.3.932.81.1033.18.2046.947 [GMT -4:00]
Running from: c:\documents and settings\DVD\Desktop\ComboFix.exe
 * Resident AV is active
.
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\854D167A2F.sys
c:\documents and settings\All Users\Application Data\D81EDBF9-D167-4011-B77D-211DF920EB80
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\DVD\Application Data\2C8B6D
c:\documents and settings\DVD\Application Data\Desktopicon
C:\Documents
C:\Install.exe
c:\windows\apppatch\AppLoc.exe
c:\windows\system32\AegisI5Installer.exe
c:\windows\system32\syswinan.vbs
c:\windows\system32\xa7813265.exe
c:\windows\system32\xa7818656.exe
.
c:\windows\system32\midimap.dll . . . is infected!!
.
.
(((((((((((((((((((((((((   Files Created from 2013-08-03 to 2013-09-03  )))))))))))))))))))))))))))))))
.
.
2013-09-03 09:47 . 2013-09-03 09:47    --------    d-----w-    c:\windows\system32\DRM
2013-08-31 18:57 ... Read more

A:Infected midimap.dll found during Combo Fix scan, need someone to analyze

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===
Search and delete the AdWare, PUP (Potentially Unwanted Program) installed on your computer.

Please download AdwCleaner by Xplode onto your Desktop.
Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Click the Report button and the report will open in Notepad.
IMPORTANT

If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.

Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Check off the element(s) you wish to keep.Click on the Clean button follow the prompts.A log file will automatically open after the scan has finished.Please post the content of that log file with your next answer.You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).===

Please download
Junkware Removal Tool to your Desktop.Please close your security software to avoid potential conflicts.Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.The tool will open and start scanning your system.... Read more

Read other 3 answers